Anthropic says a Chinese state-linked group misused its Claude AI tool to automate most steps of a cyberattack campaign targeting global institutions. The firm intervened after detecting suspicious use of its model.
The September attack targeted 30 organizations, including government bodies and financial firms. Several intrusions were successful, allowing unauthorized access to internal systems.
Anthropic said Claude autonomously performed the majority of the operational workflow. The company described this as an indicator of how AI technology can be weaponized for large-scale automated cyber activity.
Despite this, Claude showed clear limitations. It fabricated findings, misunderstood technical information, and labeled openly available content as confidential.
Cybersecurity experts responded with differing assessments. Some see the incident as a warning about the future of AI misuse, while others believe Anthropic is overstating the level of autonomy involved.